From: slevin kremera (slevin.kremera@gmail.com)
Date: Sun Sep 30 2007 - 10:28:50 ART
or does it depend on the way the question is structured
On 9/30/07, slevin kremera <slevin.kremera@gmail.com> wrote:
>
> So what is the best thing to do in DOS attack questions
> shud tcp be in intercept mode or watch mode??????????
>
>
> On 8/9/07, WorkerBee < ciscobee@gmail.com> wrote:
> >
> > One extra precaution is to omit your BGP peerings from the TCP intercept
> > list.
> >
> > If really under DOS attack which I have experienced it, the router CPU
> > shoots up very high when you're in intercept mode, probably, you can
> > start off with watch mode and associate to an access-list to limit the
> > "watched" traffic to inspect.
> >
> > Make sure you have enough memory for handle to estimate xxx concurrent
> > sessions
> > to your network.
> >
> >
> > On 8/4/07, Guyler, Rik < rguyler@shp-dayton.org> wrote:
> > > Just an OT question for the collective: are BGP routers a suitable
> > location
> > > to run TCP Intercept?
> > >
> > > I would think that the edge of my network is a perfect place to try to
> >
> > > defend against DOS attacks but I don't know what negative side effects
> > might
> > > appear (if any) by doing this.
> > >
> > > ---
> > > Rik
> > >
> > >
> > _______________________________________________________________________
> > > Subscription information may be found at:
> > > http://www.groupstudy.com/list/CCIELab.html
> >
> > _______________________________________________________________________
> > Subscription information may be found at:
> > http://www.groupstudy.com/list/CCIELab.html
This archive was generated by hypermail 2.1.4 : Sat Oct 06 2007 - 12:01:17 ART